mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 09:57:41 +00:00
Code Issues Releases Wiki Activity

Sync sed scripts that add back troff conditionals.

Browse Source 
The sudo manuals contain conditional to avoid describing system-specific
behavior on systems that don't support it.  When we convert from
mdoc to man format we lose those conditionals, these sed scripts
add them back.  Changes to the mdoc files can prevent the regexps
from matching so they need to be updated periodically.
This commit is contained in:
Todd C. Miller 2025-02-23 09:09:26 -07:00
parent 4d331e6026
commit cf1b87c71d
6 changed files with 92 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs/sudo.conf.man.in
View File

@ -375,6 +375,7 @@ The default directory to use when searching for plugins
that are specified without a fully qualified path name. that are specified without a fully qualified path name.
The default value is The default value is
\fI@plugindir@\fR. \fI@plugindir@\fR.
.if \n(SL \{\
.TP 6n .TP 6n
sesh sesh
The fully-qualified path to the The fully-qualified path to the

4
docs/sudo.conf.man.in.sed
View File

@ -1,9 +1,9 @@
s/^\(.TH .*\)/.nr SL @SEMAN@\ s/^\(.TH .*\)/.nr SL @SEMAN@\
\1/ \1/
/^\.TP 10n$/ { /^\.TP 6n$/ {
N N
/^.TP 10n\nsesh$/ { /^.TP 6n\nsesh$/ {
i\ i\
.if \\n(SL \\{\\ .if \\n(SL \\{\\
} }

8
docs/sudo.man.in
View File

@ -214,6 +214,7 @@ If no askpass program is available,
\fBsudo\fR \fBsudo\fR
will exit with an error. will exit with an error.
.RE .RE
.if \n(BA \{\
.TP 8n .TP 8n
\fB\-a\fR \fItype\fR, \fB\--auth-type\fR=\fItype\fR \fB\-a\fR \fItype\fR, \fB\--auth-type\fR=\fItype\fR
Use the specified Use the specified
@ -230,6 +231,7 @@ entry in
This option is only available on systems that support This option is only available on systems that support
BSD BSD
authentication. authentication.
.\}
.TP 8n .TP 8n
\fB\-B\fR, \fB\--bell\fR \fB\-B\fR, \fB\--bell\fR
Ring the bell as part of the password prompt when a terminal is present. Ring the bell as part of the password prompt when a terminal is present.
@ -265,6 +267,7 @@ policy only permits use of the
option when the administrator has enabled the option when the administrator has enabled the
\fIclosefrom_override\fR \fIclosefrom_override\fR
option. option.
.if \n(LC \{\
.TP 8n .TP 8n
\fB\-c\fR \fIclass\fR, \fB\--login-class\fR=\fIclass\fR \fB\-c\fR \fIclass\fR, \fB\--login-class\fR=\fIclass\fR
Run the Run the
@ -297,6 +300,7 @@ be applied, if present.
This option is only available on systems with This option is only available on systems with
BSD BSD
login classes. login classes.
.\}
.TP 8n .TP 8n
\fB\-D\fR \fIdirectory\fR, \fB\--chdir\fR=\fIdirectory\fR \fB\-D\fR \fIdirectory\fR, \fB\--chdir\fR=\fIdirectory\fR
Run the Run the
@ -708,12 +712,14 @@ before running the
\fIcommand\fR. \fIcommand\fR.
The security policy may return an error if the user does not have The security policy may return an error if the user does not have
permission to specify the root directory. permission to specify the root directory.
.if \n(SL \{\
.TP 8n .TP 8n
\fB\-r\fR \fIrole\fR, \fB\--role\fR=\fIrole\fR \fB\-r\fR \fIrole\fR, \fB\--role\fR=\fIrole\fR
Run the Run the
\fIcommand\fR \fIcommand\fR
with an SELinux security context that includes the specified with an SELinux security context that includes the specified
\fIrole\fR. \fIrole\fR.
.\}
.TP 8n .TP 8n
\fB\-S\fR, \fB\--stdin\fR \fB\-S\fR, \fB\--stdin\fR
Write the prompt to the standard error and read the password from the Write the prompt to the standard error and read the password from the
@ -746,6 +752,7 @@ Most shells behave differently when a
\fIcommand\fR \fIcommand\fR
is specified as compared to an interactive session; consult the shell's manual is specified as compared to an interactive session; consult the shell's manual
for details. for details.
.if \n(SL \{\
.TP 8n .TP 8n
\fB\-t\fR \fItype\fR, \fB\--type\fR=\fItype\fR \fB\-t\fR \fItype\fR, \fB\--type\fR=\fItype\fR
Run the Run the
@ -755,6 +762,7 @@ with an SELinux security context that includes the specified
If no If no
\fItype\fR \fItype\fR
is specified, the default type is derived from the role. is specified, the default type is derived from the role.
.\}
.TP 8n .TP 8n
\fB\-U\fR \fIuser\fR, \fB\--other-user\fR=\fIuser\fR \fB\-U\fR \fIuser\fR, \fB\--other-user\fR=\fIuser\fR
Used in conjunction with the Used in conjunction with the

34
docs/sudo.man.in.sed
View File

@ -9,37 +9,37 @@ s/^\(\[\\fB\\-c\\fR.*\\fIclass\\fR\]\) *$/.if \\n(LC \1/
s/^\(\[\\fB\\-r\\fR.*\\fIrole\\fR\]\) *$/.if \\n(SL \1/ s/^\(\[\\fB\\-r\\fR.*\\fIrole\\fR\]\) *$/.if \\n(SL \1/
s/^\(\[\\fB\\-t\\fR.*\\fItype\\fR\]\) *$/.if \\n(SL \1/ s/^\(\[\\fB\\-t\\fR.*\\fItype\\fR\]\) *$/.if \\n(SL \1/
/^\.TP 12n$/ { /^\.TP 8n$/ {
N N
/^\.TP 12n\n\\fB\\-a\\fR.*\\fItype\\fR$/,/^\.TP 12n/ { /^\.TP 8n\n\\fB\\-a\\fR.*\\fItype\\fR$/,/^\.TP 8n/ {
/^\.TP 12n/ { /^\.TP 8n/ {
/^\.TP 12n\n\\fB\\-a\\fR.*\\fItype\\fR$/i\ /^\.TP 8n\n\\fB\\-a\\fR.*\\fItype\\fR$/i\
.if \\n(BA \\{\\ .if \\n(BA \\{\\
/^\.TP 12n\n\\fB\\-a\\fR.*\\fItype\\fR$/!i\ /^\.TP 8n\n\\fB\\-a\\fR.*\\fItype\\fR$/!i\
.\\} .\\}
} }
} }
/^\.TP 12n\n\\fB\\-c\\fR.*\\fIclass\\fR$/,/^\.TP 12n/ { /^\.TP 8n\n\\fB\\-c\\fR.*\\fIclass\\fR$/,/^\.TP 8n/ {
/^\.TP 12n/ { /^\.TP 8n/ {
/^\.TP 12n\n\\fB\\-c\\fR.*\\fIclass\\fR$/i\ /^\.TP 8n\n\\fB\\-c\\fR.*\\fIclass\\fR$/i\
.if \\n(LC \\{\\ .if \\n(LC \\{\\
/^\.TP 12n\n\\fB\\-c\\fR.*\\fIclass\\fR$/!i\ /^\.TP 8n\n\\fB\\-c\\fR.*\\fIclass\\fR$/!i\
.\\} .\\}
} }
} }
/^\.TP 12n\n\\fB\\-r\\fR.*\\fIrole\\fR$/,/^\.TP 12n/ { /^\.TP 8n\n\\fB\\-r\\fR.*\\fIrole\\fR$/,/^\.TP 8n/ {
/^\.TP 12n/ { /^\.TP 8n/ {
/^\.TP 12n\n\\fB\\-r\\fR.*\\fIrole\\fR$/i\ /^\.TP 8n\n\\fB\\-r\\fR.*\\fIrole\\fR$/i\
.if \\n(SL \\{\\ .if \\n(SL \\{\\
/^\.TP 12n\n\\fB\\-r\\fR.*\\fIrole\\fR$/!i\ /^\.TP 8n\n\\fB\\-r\\fR.*\\fIrole\\fR$/!i\
.\\} .\\}
} }
} }
/^\.TP 12n\n\\fB\\-t\\fR.*\\fItype\\fR$/,/^\.TP 12n/ { /^\.TP 8n\n\\fB\\-t\\fR.*\\fItype\\fR$/,/^\.TP 8n/ {
/^\.TP 12n/ { /^\.TP 8n/ {
/^\.TP 12n\n\\fB\\-t\\fR.*\\fItype\\fR$/i\ /^\.TP 8n\n\\fB\\-t\\fR.*\\fItype\\fR$/i\
.if \\n(SL \\{\\ .if \\n(SL \\{\\
/^\.TP 12n\n\\fB\\-t\\fR.*\\fItype\\fR$/!i\ /^\.TP 8n\n\\fB\\-t\\fR.*\\fItype\\fR$/!i\
.\\} .\\}
} }
} }

25
docs/sudoers.man.in
View File

@ -22,6 +22,7 @@
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\" .\"
.nr SL @SEMAN@ .nr SL @SEMAN@
.nr AA @AAMAN@
.nr BA @BAMAN@ .nr BA @BAMAN@
.nr LC @LCMAN@ .nr LC @LCMAN@
.nr PS @PSMAN@ .nr PS @PSMAN@
@ -1387,20 +1388,28 @@ Cmnd_Spec ::= Runas_Spec? Option_Spec* (Tag_Spec ':')* Cmnd
Runas_Spec ::= '(' Runas_List? (':' Runas_List)? ')' Runas_Spec ::= '(' Runas_List? (':' Runas_List)? ')'
.ie \n(SL \{\ .ie \n(SL \{\
.ie \n(PS Option_Spec ::= (SELinux_Spec | Solaris_Priv_Spec | Date_Spec | Timeout_Spec) .ie \n(PS Option_Spec ::= (SELinux_Spec | Solaris_Priv_Spec | Date_Spec | Timeout_Spec | Chdir_Spec | Chroot_Spec)
.el Option_Spec ::= (SELinux_Spec | Date_Spec | Timeout_Spec) .el Option_Spec ::= (SELinux_Spec | Date_Spec | Timeout_Spec | Chdir_Spec | Chroot_Spec)
.\} .\}
.el \{\ .el \{\
.ie \n(PS Option_Spec ::= (Solaris_Priv_Spec | Date_Spec | Timeout_Spec) .ie \n(AA \{\
.el Option_Spec ::= (Date_Spec | Timeout_Spec) .ie \n(PS Option_Spec ::= (AppArmor_Spec | Solaris_Priv_Spec | Date_Spec | Timeout_Spec | Chdir_Spec | Chroot_Spec)
.el Option_Spec ::= (AppArmor_Spec | Date_Spec | Timeout_Spec | Chdir_Spec | Chroot_Spec)
.\}
.el \{\
.ie \n(PS Option_Spec ::= (Solaris_Priv_Spec | Date_Spec | Timeout_Spec | Chdir_Spec | Chroot_Spec)
.el Option_Spec ::= (Date_Spec | Timeout_Spec | Chdir_Spec | Chroot_Spec)
.\}
.\} .\}
.if \n(SL \{\ .if \n(SL \{\
SELinux_Spec ::= ('ROLE=role' | 'TYPE=type') SELinux_Spec ::= ('ROLE=role' | 'TYPE=type')
.\} .\}
.if \n(AA \{\
AppArmor_Spec ::= 'APPARMOR_PROFILE=profile' AppArmor_Spec ::= 'APPARMOR_PROFILE=profile'
.\}
.if \n(PS \{\ .if \n(PS \{\
Solaris_Priv_Spec ::= ('PRIVS=privset' | 'LIMITPRIVS=privset') Solaris_Priv_Spec ::= ('PRIVS=privset' | 'LIMITPRIVS=privset')
@ -1622,7 +1631,9 @@ Options may consist of
.if \n(SL \{\ .if \n(SL \{\
SELinux roles and/or types, SELinux roles and/or types,
.\} .\}
.if \n(AA \{\
AppArmor profiles, AppArmor profiles,
.\}
.if \n(PS \{\ .if \n(PS \{\
Solaris privileges sets, Solaris privileges sets,
.\} .\}
@ -1653,6 +1664,7 @@ A role or type specified on the command line,
however, will supersede the values in however, will supersede the values in
\fIsudoers\fR. \fIsudoers\fR.
.\} .\}
.if \n(AA \{\
.SS "AppArmor_Spec" .SS "AppArmor_Spec"
On systems supporting AppArmor, On systems supporting AppArmor,
\fIsudoers\fR \fIsudoers\fR
@ -1711,6 +1723,7 @@ and user
to run to run
\fI/bin/ls\fR \fI/bin/ls\fR
without any confinement at all. without any confinement at all.
.\}
.if \n(PS \{\ .if \n(PS \{\
.SS "Solaris_Priv_Spec" .SS "Solaris_Priv_Spec"
On Solaris systems, On Solaris systems,
@ -4255,7 +4268,7 @@ will set the umask to be the union of the user's umask and what is specified in
This flag is This flag is
\fI@umask_override@\fR \fI@umask_override@\fR
by default. by default.
.if \n(BA \{\ .if \n(LC \{\
.TP 18n .TP 18n
use_loginclass use_loginclass
If set, If set,
@ -4519,6 +4532,7 @@ The umask setting in PAM is not used for
which does not create a new PAM session. which does not create a new PAM session.
.PP .PP
\fBStrings\fR: \fBStrings\fR:
.if \n(AA \{\
.TP 18n .TP 18n
apparmor_profile apparmor_profile
The default AppArmor profile to transition into when executing the The default AppArmor profile to transition into when executing the
@ -4532,6 +4546,7 @@ entries by specifying the
option. option.
This option is only available when sudo is built with AppArmor This option is only available when sudo is built with AppArmor
support. support.
.\}
.TP 18n .TP 18n
cmddenial_message cmddenial_message
.br .br

49
docs/sudoers.man.in.sed
View File

@ -1,4 +1,5 @@
s/^\(.TH .*\)/.nr SL @SEMAN@\ s/^\(.TH .*\)/.nr SL @SEMAN@\
.nr AA @AAMAN@\
.nr BA @BAMAN@\ .nr BA @BAMAN@\
.nr LC @LCMAN@\ .nr LC @LCMAN@\
.nr PS @PSMAN@\ .nr PS @PSMAN@\
@ -21,6 +22,15 @@ s/^\(.TH .*\)/.nr SL @SEMAN@\
} }
} }
/^\.SS "AppArmor_Spec"$/,/^\.SS/ {
/^\.SS / {
/^\.SS "AppArmor_Spec"$/i\
.if \\n(AA \\{\\
/^\.SS "AppArmor_Spec"$/!i\
.\\}
}
}
/^\.SS "Solaris_Priv_Spec"$/,/^\.SS/ { /^\.SS "Solaris_Priv_Spec"$/,/^\.SS/ {
/^\.SS / { /^\.SS / {
/^\.SS "Solaris_Priv_Spec"$/i\ /^\.SS "Solaris_Priv_Spec"$/i\
@ -32,12 +42,18 @@ s/^\(.TH .*\)/.nr SL @SEMAN@\
/^Option_Spec ::= / { /^Option_Spec ::= / {
s/^.*$/.ie \\n(SL \\{\\\ s/^.*$/.ie \\n(SL \\{\\\
.ie \\n(PS Option_Spec ::= (SELinux_Spec | Solaris_Priv_Spec | Date_Spec | Timeout_Spec)\ .ie \\n(PS Option_Spec ::= (SELinux_Spec | Solaris_Priv_Spec | Date_Spec | Timeout_Spec | Chdir_Spec | Chroot_Spec)\
.el Option_Spec ::= (SELinux_Spec | Date_Spec | Timeout_Spec)\ .el Option_Spec ::= (SELinux_Spec | Date_Spec | Timeout_Spec | Chdir_Spec | Chroot_Spec)\
.\\}\ .\\}\
.el \\{\\\ .el \\{\\\
.ie \\n(PS Option_Spec ::= (Solaris_Priv_Spec | Date_Spec | Timeout_Spec)\ .ie \\n(AA \\{\\\
.el Option_Spec ::= (Date_Spec | Timeout_Spec)\ .ie \\n(PS Option_Spec ::= (AppArmor_Spec | Solaris_Priv_Spec | Date_Spec | Timeout_Spec | Chdir_Spec | Chroot_Spec)\
.el Option_Spec ::= (AppArmor_Spec | Date_Spec | Timeout_Spec | Chdir_Spec | Chroot_Spec)\
.\\}\
.el \\{\\\
.ie \\n(PS Option_Spec ::= (Solaris_Priv_Spec | Date_Spec | Timeout_Spec | Chdir_Spec | Chroot_Spec)\
.el Option_Spec ::= (Date_Spec | Timeout_Spec | Chdir_Spec | Chroot_Spec)\
.\\}\
.\\}/ .\\}/
} }
@ -49,6 +65,14 @@ s/^\(.TH .*\)/.nr SL @SEMAN@\
.\\} .\\}
} }
/^AppArmor_Spec ::=/ {
i\
.if \\n(AA \\{\\
N
a\
.\\}
}
/^Solaris_Priv_Spec ::=/ { /^Solaris_Priv_Spec ::=/ {
i\ i\
.if \\n(PS \\{\\ .if \\n(PS \\{\\
@ -64,6 +88,13 @@ s/^\(.TH .*\)/.nr SL @SEMAN@\
.\\} .\\}
} }
/^AppArmor profiles,/ {
i\
.if \\n(AA \\{\\
a\
.\\}
}
/^Solaris privileges sets,/ { /^Solaris privileges sets,/ {
i\ i\
.if \\n(PS \\{\\ .if \\n(PS \\{\\
@ -76,8 +107,16 @@ s/^\(.TH .*\)/.nr SL @SEMAN@\
/^\.TP 18n\nuse_loginclass$/,/^\.TP 18n/ { /^\.TP 18n\nuse_loginclass$/,/^\.TP 18n/ {
/^\.TP 18n/ { /^\.TP 18n/ {
/^\.TP 18n\nuse_loginclass$/i\ /^\.TP 18n\nuse_loginclass$/i\
.if \\n(BA \\{\\ .if \\n(LC \\{\\
/^\.TP 18n\nuse_loginclass$/!i\ /^\.TP 18n\nuse_loginclass$/!i\
.\\}
}
}
/^\.TP 18n\napparmor_profile$/,/^\.TP 18n/ {
/^\.TP 18n/ {
/^\.TP 18n\napparmor_profile$/i\
.if \\n(AA \\{\\
/^\.TP 18n\napparmor_profile$/!i\
.\\} .\\}
} }
} }